Site

Definition of terms: “Site” in the legal context

The term “Site” (English for “location”, often used in the internet context as a synonym for “website” or “web presence”) has several dimensions of meaning in the legal field. Central to this are both the association with physical locations and the interpretation of digital manifestations. The legal analysis of the term “Site” covers various areas of law, including data protection law, copyright law, contract law, labeling law, as well as competition and liability law.

1. Definition and delimitation of the term

1.1 Site as a physical location

In common usage, “Site” is often used for a physical location, such as a company, a place of business, a plant, a data center, or a branch office. Legally relevant here are, in particular, determinations of location in trade law, building law, and in employment law issues.

1.2 Site in the digital context

In the digital sector, “Site” predominantly refers to an internet presence—a website or web application through which content, services, or goods are presented and sold. In this context, numerous specific regulations must be observed, relating to the technical, substantive, and organizational aspects of digital presences.

2. Legal aspects of Sites as physical locations

2.1 Trade and place of business law

For companies, the regulations regarding registration, operation, and notification obligations of physical locations are crucial. The “Site” as a place of business may have tax implications and must be assessed accordingly under tax law (e.g., taxation of permanent establishments, trade tax liability).

2.2 Building law and permission of use

Classical legal requirements for a physical “Site” arise from building regulations, usage rights, and environmental protection requirements. From building permits to safety approvals, there are extensive duties and responsibilities.

2.3 Employment law implications

The provision for employees at a location, working conditions, and occupational health and safety play a significant role, particularly when a company operates multiple Sites, in matters of employment law. This includes, for example, compliance with work safety, health protection, and co-determination obligations.

3. Sites as internet presences

3.1 Legal notice and provider identification obligations

Websites in Germany are subject to the obligation of provider identification pursuant to § 5 Telemedia Act (TMG). The legal notice (impressum) must be easily identifiable, directly accessible, and permanently available. Violations can result in written warnings (Abmahnungen) and fines.

3.2 Data protection and data security

3.2.1 General Data Protection Regulation (GDPR)

Operators of a Site must observe numerous data protection requirements. The GDPR and the Federal Data Protection Act (BDSG) require the lawful, transparent, and purpose-driven processing of personal data. Data subjects must be informed about the types of data processing, for example via cookie banners. Additional requirements apply to operators based outside the EU if their offerings are directed at users in the EU.

3.2.2 Handling of cookies and tracking

The use of cookies and tools for analyzing user behavior on a Site is only permissible after the user’s informed consent (see § 25 TTDSG). Exceptions for technically necessary cookies are to be interpreted narrowly.

3.3 Copyright protection and usage rights

3.3.1 Protection of content

All content on a Site—from texts and photos to graphics and source code—can be protected by copyright law (UrhG). Unauthorized use, reproduction, or modification by third parties can lead to claims for injunctive relief and damages.

3.3.2 Rights and obligations regarding third-party content

Use of third-party works, for example as embedded content, quotations, or images, generally requires licenses and/or the consent of the rights holders. Copyright infringements on Sites are frequently the subject of legal disputes.

3.4 Liability of Site operators

3.4.1 General liability under the TMG

Liability for own and third-party content on a Site is regulated by the Telemedia Act. Operators are fundamentally liable for their own content, but not necessarily for third-party content, such as user-generated posts. However, once aware of a legal violation, there is an obligation to review and remove such content.

3.4.2 Liability for links and references

Setting hyperlinks to external Sites may entail joint responsibility if the operator has indirect knowledge of unlawful content. According to case law, website operators are required to regularly check links for possible legal violations.

3.5 Competition law framework

Sites are central instruments in competition. Therefore, they are subject to the provisions of the Act Against Unfair Competition (UWG) and other trademark and market regulations. Misleading, comparative, or aggressive practices on Sites can be subject to warnings and court injunctions.

4. International and cross-border aspects

4.1 Applicable law and jurisdiction

Digital Sites are regularly accessible worldwide, which makes determining the applicable law and jurisdiction complex. It is usually decisive which target audiences the offer is directed at and where the economic activity is carried out. Often, the so-called ‘marketplace principle’ applies.

4.2 Domain law and naming rights

Choosing a legally secure domain for a Site is essential. Trademark, naming, and company identifiers may prevent the registration or use of domains. Disputes are often resolved worldwide by arbitration or court proceedings, for example under the UDRP (Uniform Domain-Name Dispute-Resolution Policy).

5. Conclusion and relevance in legal practice

The term “Site” is multifaceted in the legal context and encompasses both physical locations and digital presences. The legal consequences and obligations for Site operators depend on the individual case and arise from numerous laws and regulations. Careful, legally compliant planning, technical implementation, and ongoing compliance monitoring are essential prerequisites for the operation and use of Sites in the private, commercial, and public sectors.

Further topics:

• E-commerce law
• EU-GDPR and international data protection law
• Legal protection for domain names
• Guidelines for digital accessibility
• Burden of proof and documentation requirements for web presences

Frequently asked questions

When is a website legally considered to be operated on a commercial basis?

A website is legally considered to be operated on a commercial basis if it is not used exclusively for private or family purposes, but serves at least indirectly to pursue commercial interests. This applies, for example, to company websites, online shops, service offerings, and also to blogs with regular product placements or advertising. The decisive factor is not the intention to make a profit, but rather the participation in economic life over a certain period. The line can be difficult to draw in individual cases and courts decide based on the configuration of the specific website. Commercial websites are subject to numerous legal obligations, such as those under the Telemedia Act (TMG) and the State Broadcasting Treaty (RStV), including the obligation of provider identification (“impressum obligation”) or data protection requirements pursuant to the General Data Protection Regulation (GDPR).

What information must a legal notice (impressum) on a Site contain under German law?

According to § 5 Telemedia Act (TMG), providers of commercial, usually paid telemedia services must provide a legal notice (impressum) that is easily identifiable, directly accessible, and permanently available. This must include the following mandatory information: name and address of the service provider; in the case of legal entities, also the legal form, representatives, and, if applicable, the register court with registration number. Furthermore, contact options such as phone number and email address, competent supervisory authorities, and professional regulations (e.g., for certain freelancers) must be indicated. If a VAT ID or business identification number is used, this must also be provided. Incorrect, missing, or incomplete legal notice information can lead to warnings and fines under the TMG.

What data protection obligations must be observed when operating a Site?

Operators of a website who collect, store or process personal data are strictly bound by the requirements of the EU General Data Protection Regulation (GDPR) as well as corresponding national data protection provisions (in particular the amended BDSG). This includes, in particular, transparent information for users about the type, scope, and purpose of data processing in a privacy policy. Furthermore, user consent is required unless another legal basis applies (e.g., contact forms or newsletter sign-ups using double opt-in). The integration of tracking tools, cookies, and third-party providers requires specific notices and usually explicit consent from users (keywords: cookie banner and consent management). In addition, technical and organizational measures must be taken to protect the data, and user rights such as access, erasure, and objection must be respected.

What liability risks exist for website operators from a legal perspective?

Website operators are generally liable for all own content displayed on the Site, regardless of who (e.g., employees, agents) posted it. For third-party content (such as forums, guestbooks), limited liability applies after becoming aware of a legal violation (‘notice-and-take-down’ principle). Particular liability risks include infringements of copyright (images, texts, software), trademark rights, personality rights (such as through photos or comments), and competition law. Infringements of data protection law, legal notice (impressum) obligations, or further information obligations can also result in significant legal consequences (warnings, damages, fines). It is therefore important to carefully check external content prior to publication and to act immediately upon becoming aware of any legal violations.

Is it legally safe to set links to external content?

Merely linking to third-party websites generally does not infringe copyright if the linked source is freely accessible and there is no obvious violation of applicable law. Restrictions apply, however, in the case of so-called “deep links” or if the impression is created that the linked content is part of one’s own Site. According to a judgment of the European Court of Justice (ECJ), website operators are obliged to check whether obviously unlawful content is provided on the linked pages. If, despite knowledge or in the case of obvious unlawfulness, links are set, liability as a participant (“Störerhaftung”) may arise. It is advisable to regularly check whether the linked content is still lawful and to remove problematic links immediately.

When is it permissible to integrate cookies and tracking tools without the user’s active consent?

Storing or accessing information on a user’s device (e.g., through cookies) is generally only permissible with the user’s explicit consent, unless there are exceptions (‘strictly necessary cookies’ according to § 25 TTDSG – Telecommunications Telemedia Data Protection Act). Consent-free are technical cookies that are essential for the operation and functionality of the website, for example, shopping cart or session cookies. For all others—especially tracking, advertising, or analytics cookies—an active and informative consent management system is required, which allows the user to make granular choices and to object. Violations may result in substantial fines by supervisory authorities.

What legal regulations apply to sending newsletters via a website?

Sending newsletters is subject to strict legal requirements. The legal basis is provided by the GDPR as well as § 7 of the Act Against Unfair Competition (UWG). Newsletters may only be sent after explicit, informed, and documented consent from the recipient (double-opt-in process recommended). Registration and consent to data processing must be thoroughly documented and verifiable. Furthermore, each newsletter must contain an easily recognizable and always executable option to revoke/unsubscribe (unsubscribe link). Without consent or with unclear proof of consent, there is a risk of warnings, fines, and damages claims. The information obligations according to Art. 13 GDPR must also be observed during registration and in the newsletter itself.